/**
 * 
 */
package com.aier.user.action.pay.alipay;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;

import javax.crypto.Cipher;

import com.aier.common.common.Constant;
import com.aier.user.action.pay.alipay.util.Base64;


public class RSASignature{
    
    /**

    * 解密

    * @param content 密文
    * 
    * @param key 商户私钥

    * @return 解密后的字符串

    */
    public static String decrypt(String content, String key) throws Exception {
        PrivateKey prikey = getPrivateKey(key);

        Cipher cipher = Cipher.getInstance("RSA");
        cipher.init(Cipher.DECRYPT_MODE, prikey);

        InputStream ins = new ByteArrayInputStream(Base64.decode(content));
        ByteArrayOutputStream writer = new ByteArrayOutputStream();
        //rsa解密的字节大小最多是128，将需要解密的内容，按128位拆开解密
        byte[] buf = new byte[Constant.num_128];
        int bufl;

        while ((bufl = ins.read(buf)) != -1) {
            byte[] block = null;

            if (buf.length == bufl) {
                block = buf;
            } else {
                block = new byte[bufl];
                for (int i = 0; i < bufl; i++) {
                    block[i] = buf[i];
                }
            }

            writer.write(cipher.doFinal(block));
        }

        return new String(writer.toByteArray(), "utf-8");
    }


    
    /**

    * 得到私钥

    * @param key 密钥字符串（经过base64编码）

    * @throws Exception

    */

    public static PrivateKey getPrivateKey(String key) throws Exception {

        byte[] keyBytes;
        
        keyBytes = Base64.decode(key);
        
        PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(keyBytes);
        
        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
        
        PrivateKey privateKey = keyFactory.generatePrivate(keySpec);
        
        return privateKey;

    }
    
    public static final String  SIGN_ALGORITHMS = "SHA1WithRSA";
    /**
    * RSA签名
    * @param content 待签名数据
    * @param privateKey 商户私钥
    * @return 签名值
    */
    public static String sign(String content, String privateKey)
    {
        String charset = "utf-8";
        try 
        {
            PKCS8EncodedKeySpec priPKCS8     = new PKCS8EncodedKeySpec( Base64.decode(privateKey) ); 
            KeyFactory keyf                 = KeyFactory.getInstance("RSA");
            PrivateKey priKey                 = keyf.generatePrivate(priPKCS8);

            java.security.Signature signature = java.security.Signature
                .getInstance(SIGN_ALGORITHMS);

            signature.initSign(priKey);
            signature.update( content.getBytes(charset) );

            byte[] signed = signature.sign();
            
            return Base64.encode(signed);
        }
        catch (Exception e) 
        {
            e.printStackTrace();
        }
        
        return null;
    }
    
    /**
    * RSA验签名检查
    * @param content 待签名数据
    * @param sign 签名值
    * @param publicKey 支付宝公钥
    * @return 布尔值
    */
    public static boolean doCheck(String content, String sign, String publicKey)
    {
        try 
        {
            KeyFactory keyFactory = KeyFactory.getInstance("RSA");
            byte[] encodedKey = Base64.decode(publicKey);
            PublicKey pubKey = keyFactory.generatePublic(new X509EncodedKeySpec(encodedKey));

        
            java.security.Signature signature = java.security.Signature
            .getInstance(SIGN_ALGORITHMS);
        
            signature.initVerify(pubKey);
            signature.update( content.getBytes("utf-8") );
        
            boolean bverify = signature.verify( Base64.decode(sign) );
            return bverify;
            
        } 
        catch (Exception e) 
        {
            e.printStackTrace();
        }
        
        return false;
    }
    

}
